I want to scan port 445 on my Windows server 2003, but my scanner only has one type ipv6 address which is global not link-local. When I do this, I find that I can't find port 445 open. But I use the command netstat -an to assure the port 445 is listening. Finally I find this confusing phenomenon:

When I set a link-local ddress in my scanner, then it will work in scanning port 445.

When I only set a global address in my scanner, it does not work.

This means if a host with a link-local address use socket to send a syn packet to port 445 in server 2003, it will receive a ack packet. But if with a global address it will receive a rst packet. Thus, I can't scan port 445 in server 2003 with a global address. I need to know why? Can anybody help?

And I use the netsh->firewall to check the exception and netsh->interface->ipv6 to turn off the firewall on the specific interface. Still can't establish the connection with port 445, do you have any idea about this ?

Umm.. if this is Ethernet, I think a link-local address is required to do neighbor discovery, isn't it? What exactly is this "scanning device" that doesn't have link-local addressing?
–
rmalayterNov 19 '12 at 15:29

Very sorry about the spelling and formatting error. Very thanks for your kindness. But it seems there is not a firewall between them. Because using wireshark to catch packet, I find that the request has reached on Windows server 2003, and it just send a rst packet back to refuse connection. It just like I set a TCP/IP filtering in the Internet Protocol(TCP/IP) Properties, but this is just for ipv4 not ipv6. Is this a bug of Windows server 2003, while XP has no such phenomenon?
–
blackteaNov 14 '12 at 1:26